Privacy Policy

Introduction

This Privacy (“Policy”) applies to securing and processing of personal data by Stories of India Travel Experiences LLP (hereinafter “SOI”) in connection with personal data provided by any person (“User”) who has purchased or intends to purchase or inquiries about any product(s) or service(s) made by SOI through any of SOI’s interface channels including website, mobile site and mobile app (collectively referred herein as“ Sales Channels”).

For the purpose of Privacy Policy:

  • References in this policy to “you” or “your” are references to ‘User’
  • References to “we”, “us” or “our” are references to ‘“SOI”’
  • References to “website” mean a reference to ‘website(s)’, ‘mobile site(s)’ and mobile app(s)

By accessing or using the website or any other sales channel, the User agrees with the term of the Privacy Policy and the contents herein. If you disagree with the Privacy Policy please do not access or use our website or any other Sales Channels.

Your privacy is important to us and we recognise that the use and disclosure of personal data has important implications for us and for the users whose personal data we process.

By using or accessing the Website or other Sales Channels, the user hereby agrees with the terms of this Privacy Policy and the contents here in.

Purpose of the Policy

We respect your need to understand how and why information is being collected, used, disclosed, transferred and stored. Thus we have developed this Policy to familiarize you with our practices. This policy sets out the way in which we process your information when you use our Website or other digital platforms in accordance with applicable data protection laws/guidelines.

We are committed to protecting your personally identifiable information by which you can be identified (hereafter referred as “information” or “personal information” or “personal data” or “special category of personal data”) by handling it responsibly and safeguarding it by using appropriate technical and organizational measures.

What Personal Data we collect?
  • A) We may collect the following personal and sensitive information from you while transacting through us:

    • Name, gender, age and date of birth
    • Contact information, such as address, email, and mobile phone number
    • Country of residence
    • Credit Card details
    • Passport Number & frequent flyer number (wherever needed)
    • Lifestyle and social circumstances (for example, your hobbies)
    • Family details/information (for example, your marital status and dependents)
    • Employment and education details (for example, the organization you work for, your job title and your education details)
    • Financial and tax-related information (for example your income, investments and tax residency)
    • Postings or messages on any blogs, forums, platforms, wikis or social media applications of SOI and SOI’s third parties
    • IP address, browser type and language, your access times
    • Information in any complaints you make
    • Details of how you use our products and services
    • CCTV footage and other information we collect when you access our premises
    • Recording of telephone calls to our representatives and or call centres
    • Details of how you like to interact with us, and other similar information relevant to our relationship

  • B) The personal data we collect may also include ‘sensitive’ or ‘special categories’ of personal data, such as details about your:

    • Dietary requirements (for example, while providing your meal preference during flight/ hotel bookings)
    • Health (for example, so that we can make it easy for you to access our buildings, products and services, and/or for any special assistance required by you)

  • C) Personal information of other customers/users/travellers, if you provide personal information to us regarding individuals other than yourself, you agree.

    • To inform the individual about the content of this privacy policy
    • To obtain any legally-required consent, for the collection, use, disclosure, and transfer (including cross-border transfer) of individual’s personal information, from the individual in accordance with the legal and regulatory requirements

  • D) The other information that we collect

    • Analytics: Google Analytics, Appsflyer, Facebook Ads conversion tracking, Google Tag Manager, Intent Media.
    • Adobe Analytics: Cookies, Usage Data and various types of Data as specified in the privacy policy of the service
    • Infrastructure monitoring: Crashlytics- Geographic position, unique device identifiers for advertising (Google Advertiser ID or IDFA, for example) and various types of Data as specified in the privacy policy of the service.
    • Location-based interactions: Geographical locations
    • Unique device identification: This Application may track Users by storing a unique identifier of their device, for analytics purposes or for storing Users' preferences.

How do we collect Personal Data?

A) Directly: We obtain personal data directly from individuals in a variety of ways, including but not limited to obtaining personal data from individuals who provides us their business card, complete our online forms on our website/mobile app, provides records relating to previous requests or reservations made, subscribes to our newsletters and preference centre, registers for webinars, attends meetings or events we host, visits our offices. We may also obtain personal data directly when, for example, we are establishing a business relationship, performing professional services through a contract, or through our hosted software applications.

B) Indirectly: We obtain personal data indirectly about individuals from a variety of sources, including but not limited to from the travel agents, other travel websites, social media, authorized representative when such person is seeking travel services information on others behalf and our clients. We may attach personal data to our customer relationship management records to better understand and serve you, satisfy a legal obligation.

C) Public source: Personal data may be obtained from public sources such as news articles and Internet searches

D) Social and professional networking sites: D)If you register or login to our websites using social media (e.g., LinkedIn, Google, or Twitter) to authenticate your identity and connect your social media login information with us, we will collect information or content needed for the registration or login that you permitted your social media provider to share with us. That information may include your name and email address and depending on your privacy settings, additional details about you, so please review the privacy controls on the applicable service to set how much information you want to be shared with us.

E) Business clients: Our business clients may engage us to provide products/services offered by us which involves sharing personal data they control as part of that engagement. Our services may also include processing personal data under our clients’ control on our hosted software applications. All such processing will be governed by SOI client’s privacy policy.

How will we use/process your personal data?

A) We do not sell or trade upon any of the above foregoing information without your consent. The foregoing information collected from you is put to the following use:

  • For the purpose of reservation and booking the services for you and for individuals whose information has been provided by you.
  • Information like Credit Card Details and Net Banking Details are usually collected directly by the payment gateways and banks and not by SOI, but if ever stored or retained by us, remain internal.
  • These details may also be processed with the help of certain third parties only for the purpose of processing 'Cash Back & Discounts' and Charge Backs, if applicable. Information like Mobile no, e-mail address and postal address may be used for promotional purposes.
  • To manage and respond to any request you submit through our website.
  • To meet legal and regulatory requirements.
  • Promoting our professional services, products and capabilities to existing and prospective business clients/ customers
  • Sending invitations and providing access to guests attending our events and webinars or our sponsored events.
  • Personalizing online landing pages and communications we think would be of interest based on interactions with us.

If you choose not to share this information, you can still visit our website, but you may be unable to avail certain options or our services.

B) How we use Cookies?

    In general, you can visit our website without telling us who you are or revealing any personal information about yourself. We track the Internet address of the domains from which people visit us and analyse this data for trends and statistics, but the individual user remains anonymous.

    Some of our web pages use "cookies" so that we can better serve you with customized information when you return to our site. Cookies are identifiers which web sites send to the browser on your computer to facilitate your next visit to our site. You can set your browser to notify you when you are sent a cookie, giving you the option to decide whether or not to accept it. The information we collect and analyse is used to improve our service to you.

With whom do we share your Personal Data

In connection with any of the purposes outlined in the “How will we use/process the personal data?” section above, we may disclose details about you to:

    A) Other members of the SOI group companies or third parties that provide services.

    B) Competent authorities (including appropriate legal authority and authorities regulating us for internal compliance and audit(s)).

    C) Other organization to whom we may transfer our rights and/or obligations under the Terms agreed between SOI and respective organization.

    D) Any other person or organization after a restructure, sale or acquisition of any member of the SOI, as long as they use your personal information for the same purposes we did.

    E) Credit reference agencies or other organizations that help us make credit decisions and reduce the incidence of fraud.

    F) Other third parties that reasonably require access to personal data relating to you. With specific reference to third party, We use third-party service providers to serve ads on our behalf across the Internet and sometimes on this site. They may collect anonymous information about your visits to our website, and your interaction with our products and services. They may also use information about your visits to this and other websites to target advertisements for goods and services. This anonymous information is collected through the use of a 'pixel tag', which is industry standard technology used by most major websites. No personally identifiable information is collected or used in this process. Such third parties do not know your name, phone number, address, email address, or any personal information which can identify you.

If you would like more information about this practice and to know your choices about not having this anonymous information used by our third party service provider, please email to us.

Our website hosts various blogs, forums, wikis and other social media applications or services that allow you to share content with other users (collectively “Social Media Applications”). Any personal data that you contribute to these Social Media Applications can be read, collected and used by other users of the application. We have little or no control over these other users, so any information you contribute to these Social Media Applications might not be handled in line with this privacy policy.

Information Protection and Security

Taking into account the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk of processing, including:

A) the encryption of personal data;

B) the ability to ensure the on going confidentiality, integrity, availability and resilience of processing systems and services;

C) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and

D) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

We ensure that those who have permanent or regular access to personal data, or that are involved in the processing of personal data, or in the development of tools used to process personal data, are trained and informed of their rights and responsibilities in when processing personal data.

To protect your personal data and prevent unauthorized access, we have put in place appropriate security measures and certifications.

We require any third parties processing your information to do the implement the same levels of protection with respect to your data.

While no system is full-proof, including ours, we will continue using internet security procedures to ensure your data remains safe with us. By opening, browsing, using this site for transactions or storing any data/information, you agree to comply with the latest revised privacy notice in effect at such time. If you use some social networking or other service which maintains your information, it is governed by their terms of use and privacy notice.

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for. This includes, for example, the purposes of satisfying any legal, regulatory, accounting, reporting requirements, to carry out legal work, for the establishment or defence of legal claims.

We will retain your personal data in our databases in accordance with our document management, retention and destruction policy and applicable laws. This period may extend beyond the end of your relationship with us, but it will be only as long as it is necessary for us to have sufficient information to respond to any issues that may arise later. For example, we may need or be required to retain information to allow you to obtain credit for trip you purchased but had to cancel. We may also need the retain certain information to prevent fraudulent activity; to protect ourselves against liability, permit us to pursue available remedies or limit any damages that we may sustain; or if we believe in good faith that a law, regulation, rule or guideline requires it.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Changes to the Policy

This notice is effective as of 1st December 2023. We reserve the right to update or change this Policy at any time, and we will provide you with the updated policy when we make any substantial updates at the earliest either through email or by providing a prominent notice of change on our Website. You should check the policy periodically. Your continued use of our Website after we post any modifications to the policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified notice.

Your Rights

Under certain circumstances, you have rights under applicable data protection laws in relation to your personal data. It is our policy to respect your rights and we will act promptly and in accordance with any applicable law, rule or regulation relating to the processing of your personal data.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one calendar month. Occasionally it may take us longer than one calendar month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.